On 2019-12-10 07:21, Cameron Simpson wrote:
On 09Dec2019 18:05, Bob Goodwin <bobgoodwin(a)fastmail.us>
wrote:
> My NFS server works fine but not as a user other than root and I have not been able
to change that. I suspect this is not an uncommon problem and hope that someone can tell
me how to fix it?
Are you saying that on a _client_ machine, users who are not root cannot browse the
mounted NFS tree?
If so, the first thing to come to mind is that traditionally, the underlying mount
directory permissions govern access to the top of the mount. So:
- umount the NFS share
- look at the perms on the mount point; are they root only?
- try: chmod 755 /the/mount/point
- remount the NFS share and retest
That isn't quite what he'd want. Example below. Note that this is a home system
and I keep the UID and GID
of all users the same on multiple system.
Example: (The NFS client is meimei and I start with no file system mounted)
[egreshko@meimei ~]$ whoami
egreshko
[egreshko@meimei ~]$ ls -ld /mnt
drwxr-xr-x. 3 root root 4096 Jul 25 08:35 /mnt
[egreshko@meimei ~]$ touch /mnt/x
touch: cannot touch '/mnt/x': Permission denied
[egreshko@meimei ~]$ sudo mount f31k:/home/egreshko /mnt
[egreshko@meimei ~]$ ls -ld /mnt
drwx------. 17 egreshko egreshko 4096 Dec 9 23:00 /mnt
[egreshko@meimei ~]$ touch /mnt/x
[egreshko@meimei ~]$ ls -l /mnt
total 36
drwxr-xr-x. 2 egreshko egreshko 4096 Nov 22 10:56 Desktop
drwxr-xr-x. 2 egreshko egreshko 4096 Nov 22 10:56 Documents
drwxr-xr-x. 2 egreshko egreshko 4096 Nov 22 10:56 Downloads
drwxrwxr-x. 2 egreshko egreshko 4096 Nov 27 08:29 flash
drwxr-xr-x. 2 egreshko egreshko 4096 Nov 22 10:56 Music
drwxr-xr-x. 2 egreshko egreshko 4096 Nov 22 10:56 Pictures
drwxr-xr-x. 2 egreshko egreshko 4096 Nov 22 10:56 Public
drwxr-xr-x. 2 egreshko egreshko 4096 Nov 22 10:56 Templates
drwxr-xr-x. 2 egreshko egreshko 4096 Nov 22 10:56 Videos
-rw-rw-r--. 1 egreshko egreshko 0 Dec 10 07:50 x
Note that the mounted file system keeps the UID/GID as defined on server.
So, one way of ensuring users can access mounted file systems as themselves is it make it
such
that the UID/GID's match on the client and server and that the permissions are such
that it allows
the needed access.
--
The key to getting good answers is to ask good questions.